diff --git a/CASA/configure.in b/CASA/configure.in index 730e1b64..365196eb 100644 --- a/CASA/configure.in +++ b/CASA/configure.in @@ -41,7 +41,7 @@ case $host_os in ;; *) AC_CHECK_PROG(CSC, csc, csc) - test -z "$CSC" && AC_CHECK_PROG(CSC, mcs, mcs) + test -z "$CSC" && AC_CHECK_PROG(CSC, gmcs, gmcs) test -z "$CSC" && AC_MSG_ERROR([no acceptable C Sharp compiler found in \$PATH]) ;; @@ -51,7 +51,7 @@ case $CSC in # # Mono-specific configuration # - mcs) + gmcs) CSC_EXEFLAG=/target:exe CSC_LIBFLAG=/target:library CSC_EXEFLAG=/target:exe diff --git a/CASA/micasad/Makefile.am b/CASA/micasad/Makefile.am index 88dd388a..51b9b370 100644 --- a/CASA/micasad/Makefile.am +++ b/CASA/micasad/Makefile.am @@ -126,6 +126,7 @@ CSFILES_CSC := $(subst /,$(SEP),$(CSFILES)) CS_FLAGS = -d:LINUX -nowarn:169 CS_RESOURCES = CS_LIBS =Mono.Posix.dll \ + System.Security.dll \ nunit.core.dll \ nunit.framework.dll \ nunit.extensions.dll \ diff --git a/CASA/micasad/cache/SecretStore.cs b/CASA/micasad/cache/SecretStore.cs index 1dc7d16f..d2c2a266 100644 --- a/CASA/micasad/cache/SecretStore.cs +++ b/CASA/micasad/cache/SecretStore.cs @@ -55,11 +55,15 @@ namespace sscs.cache private static int STATE_LOCKED = 2; private LocalStorage lss = null; + private LocalStorage slss = null; // For Server Secrets + bool bIsStorePersistent = false; - string m_persistenceDirectory = null; - private static string POLICY_DIRECTORY = "/home/.casa"; - - private MPFileWatcher mpWatcher = null; + bool bIsServerStorePersistent = false; + + string m_persistenceDirectory = null; + private static string POLICY_DIRECTORY = "/home/.casa"; + + private MPFileWatcher mpWatcher = null; private DateTime createTime; public DateTime CreateTime 
@@ -175,10 +179,74 @@ namespace sscs.cache catch { } - return false; } + internal bool StartPersistenceOfServerSecretsBySystemKey() + { + // make sure we have a Persistence Directory + if (GetPersistenceDirectory() == null || GetPersistenceDirectory().Length < 1 || !Directory.Exists(GetPersistenceDirectory())) + { + CSSSLogger.DbgLog("StartPersistenceOfServerSecretsBySystemKey - No Persistence directory yet"); + CSSSLogger.DbgLog("Directory: [" + GetPersistenceDirectory() + "]"); + return false; + } + + try + { + byte[] baPasscode; + /* Persistence could have started because the user + * could have set master password. + */ + if(slss != null && bIsServerStorePersistent == true) + { + CSSSLogger.DbgLog(CSSSLogger.GetExecutionPath(this) + " Server Secrets Store is already persistent"); + CSSSLogger.DbgLog("StartPersistenceOfServerSecretsBySystemKey - Started"); + return true; + } + + if(!File.Exists(GetServerPasscodeBySystemKeyFilePath())) + { +/* + if (File.Exists(GetServerPasscodeByMasterPasswdFilePath())) + { + // wait for the user to start the Persistence by entering MP + return false; + } +*/ + baPasscode = CASACrypto.GenerateServerMasterPasscode( + GetServerPasscodeBySystemKeyFilePath(), + GetServerValidationFilePath()); + + if( null == baPasscode ) + { + return false; + } + + if(!File.Exists(GetServerKeyFilePath())) + { + GenerateAndStoreEncryptionKey(baPasscode, GetServerKeyFilePath()); + slss = new LocalStorage(this, baPasscode, true); + bIsServerStorePersistent = true; + return true; + } + } + + baPasscode = CASACrypto.GetServerMasterPasscodeUsingSystemKey(GetServerPasscodeBySystemKeyFilePath()); + if(CASACrypto.ValidatePasscode(baPasscode,GetServerValidationFilePath())) + { + slss = new LocalStorage(this, baPasscode, true); + bIsServerStorePersistent = true; + return true; + } + } + catch(Exception e) + { + CSSSLogger.ExpLog(e.ToString()); + } + return false; + } + internal bool StartPersistenceByDesktopPasswd(string desktopPasswd) { 
CSSSLogger.DbgLog("StartPersistenceByDesktopPasswd - Called"); @@ -246,7 +314,7 @@ namespace sscs.cache if(!File.Exists(GetKeyFilePath())) { - GenerateAndStoreEncryptionKey(baPasscode); + GenerateAndStoreEncryptionKey(baPasscode, GetKeyFilePath()); lss = new LocalStorage(this,baPasscode); bIsStorePersistent = true; return true; @@ -286,7 +354,7 @@ namespace sscs.cache return false; } - internal bool GenerateAndStoreEncryptionKey(byte[] baPasscode) + internal bool GenerateAndStoreEncryptionKey(byte[] baPasscode, string fileName) { RijndaelManaged myRijndael = new RijndaelManaged(); byte[] key; @@ -297,9 +365,7 @@ namespace sscs.cache myRijndael.GenerateKey(); key = myRijndael.Key; - CASACrypto.StoreKeySetUsingMasterPasscode(key,IV, - baPasscode, - GetKeyFilePath()); + CASACrypto.StoreKeySetUsingMasterPasscode(key, IV, baPasscode, fileName); } catch (Exception e) { @@ -308,7 +374,6 @@ namespace sscs.cache return true; } - internal bool SetMasterPassword(string mPasswdFromIDK) { try @@ -341,12 +406,17 @@ namespace sscs.cache else { // try old method - baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd(desktopPasswd, GetPasscodeByDesktopFilePath(), true); + baPasscode = CASACrypto.GetMasterPasscodeUsingDesktopPasswd( + desktopPasswd, + GetPasscodeByDesktopFilePath(), + true); if (CASACrypto.ValidatePasscode(baPasscode, GetValidationFilePath())) { // rewrite file using new method - CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode, desktopPasswd, GetPasscodeByDesktopFilePath()); - + CASACrypto.EncryptAndStoreMasterPasscodeUsingString( + baPasscode, + desktopPasswd, + GetPasscodeByDesktopFilePath()); CASACrypto.EncryptAndStoreMasterPasscodeUsingString( baPasscode, 
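Review bot: In `StartPersistenceOfServerSecretsBySystemKey` the result of `GenerateAndStoreEncryptionKey(baPasscode, GetServerKeyFilePath())` is discarded and `bIsServerStorePersistent` is set to true regardless. The later hunk for that helper suggests it still ends in `return true;` after its catch block, so a failed key write would be reported as a working persistent store. I would test the result, `if (!GenerateAndStoreEncryptionKey(baPasscode, GetServerKeyFilePath())) return false;`, and have the helper return false from its catch. Separately, when the passcode file is missing but the server key file already exists, a fresh passcode is generated and then used with a key file that was presumably wrapped under the previous passcode; that branch needs explicit handling or at least a comment.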
@@ -406,7 +476,7 @@ namespace sscs.cache { if(!File.Exists(GetKeyFilePath())) { - GenerateAndStoreEncryptionKey(baPasscode); + GenerateAndStoreEncryptionKey(baPasscode, GetKeyFilePath()); } CASACrypto.EncryptAndStoreMasterPasscodeUsingString(baPasscode,mPasswd,GetPasscodeByMasterPasswdFilePath()); @@ -674,6 +744,8 @@ namespace sscs.cache { if (lss != null) lss.PersistStoreWithDelay(); + if (slss != null) + slss.PersistServerStoreWithDelay(); } /* This function would need to do any storage/cleanup required @@ -682,7 +754,9 @@ namespace sscs.cache internal bool CommitStore() { if(lss != null) - lss.PersistStore(); + lss.PersistStore(ConstStrings.SSCS_SESSION_KEY_CHAIN_ID); + if(slss != null) + slss.PersistStore(ConstStrings.SSCS_SERVER_KEY_CHAIN_ID); return true; } @@ -724,6 +798,7 @@ namespace sscs.cache { return state; } + internal int GetNumKeyChains() { return keyChainList.Count; @@ -824,7 +899,8 @@ namespace sscs.cache // let's migrate the files if needed string sNewPath = POLICY_DIRECTORY + "/" + user.GetUserName(); - try { + try + { if (Directory.GetFiles(sNewPath, ".miCASA*").Length > 0) return sNewPath; @@ -846,7 +922,6 @@ namespace sscs.cache } return (sNewPath); - } internal bool SetPeristenceDirectory(string sNewDirectory) @@ -866,7 +941,6 @@ namespace sscs.cache } return false; - } internal string GetKeyFilePath() 
@@ -897,14 +971,42 @@ namespace sscs.cache return persistDir + ConstStrings.MICASA_VALIDATION_FILE; } + internal string GetServerKeyFilePath() + { + string persistDir = GetPersistenceDirectory(); + return persistDir + ConstStrings.MICASA_SERVER_KEY_FILE; + } + internal string GetServerPasscodeBySystemKeyFilePath() + { + string persistDir = GetPersistenceDirectory(); + return persistDir + ConstStrings.MICASA_SERVER_PASSCODE_BY_SYSTEM_KEY_FILE; + } + internal string GetServerPasscodeByMasterPasswdFilePath() + { + string persistDir = GetPersistenceDirectory(); + return persistDir + ConstStrings.MICASA_SERVER_PASSCODE_BY_MASTERPASSWD_FILE; + } + + internal string GetServerSecretsPersistenceFilePath() + { + string persistDir = GetPersistenceDirectory(); + return persistDir + ConstStrings.MICASA_SERVER_PERSISTENCE_FILE; + } + + internal string GetServerValidationFilePath() + { + string persistDir = GetPersistenceDirectory(); + return persistDir + ConstStrings.MICASA_SERVER_VALIDATION_FILE; + } internal byte[] GetSecrets(string sEncryptionString) { if (lss != null) { - MemoryStream ms = LocalStorage.GetSecretsAsXMLStream(this); + MemoryStream ms = LocalStorage.GetSecretsAsXMLStream(this, null); + byte[] baSecrets = ms.ToArray(); // encrypt if an encryptionstring was passed diff --git a/CASA/micasad/common/Constants.cs b/CASA/micasad/common/Constants.cs index 39ef0cc2..ded99b6d 100644 --- a/CASA/micasad/common/Constants.cs +++ b/CASA/micasad/common/Constants.cs 
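Review bot: The five new `GetServer…FilePath` getters concatenate `GetPersistenceDirectory()` with a constant that begins with `/` without checking the directory, and `StartPersistenceOfServerSecretsBySystemKey` shows that the directory can be null or empty. In C# a null left operand yields just the constant, so the path silently becomes e.g. `/.miCASASrvKey` at the filesystem root instead of failing. A guard such as `if (persistDir == null || persistDir.Length < 1) return null;` in each getter, or in one shared helper, would make callers that skip the directory check fail rather than touch the wrong location. The existing getters visible in the context lines follow the same pattern, so it may be worth fixing in one place.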
@@ -21,133 +21,151 @@ ***********************************************************************/ -using System; -namespace sscs.constants -{ - class IPCRetCodes - { - internal static int SSCS_REPLY_SUCCESS = 0; - internal static int SSCS_E_INVALID_MESSAGE = -1; - internal static int SSCS_E_VERSION_NOT_SUPPORTED = -2; - internal static int SSCS_E_SYSTEM_ERROR = -3; - internal static int SSCS_E_REPLY_NOT_AVAILABLE = -4; - internal static int SSCS_E_INVALID_KEYCHAIN = -5; - internal static int SSCS_E_INVALID_SECRETID = -6; - internal static int SSCS_E_KEYCHAIN_ALREADY_EXISTS = -7; - internal static int SSCS_E_MAX_KEYCHAINS_REACHED = -8; - internal static int SSCS_E_ADD_KEYCHAIN_FAILED = -9; - internal static int SSCS_E_NO_KEYCHAINS_EXIST = -10; - internal static int SSCS_E_KEYCHAIN_DOES_NOT_EXIST = -11; - internal static int SSCS_E_REMOVE_KEYCHAIN_FAILED = -12; - internal static int SSCS_E_WRITE_SECRET_FAILED = -13; - internal static int SSCS_E_ADDING_DEFAULT_KEYCHAIN_FAILED = -14; - internal static int SSCS_E_NO_SECRETS_EXIST = -15; - internal static int SSCS_E_REMOVE_SECRET_FAILED = -16; - internal static int SSCS_E_GET_SOCKET_PATH_FAILED = -17; - internal static int SSCS_E_CREATE_SOCKET_FAILED = -18; - internal static int SSCS_E_SECRETID_DOES_NOT_EXIST = -19; - internal static int SSCS_E_INVALID_INPUT = -20; - internal static int SSCS_E_SETTING_PASSCODE_FAILED = -21; - internal static int SSCS_PROMPT_PASSCODE = 1; - internal static int SSCS_STORE_IS_PERSISTENT = -22; - internal static int SSCS_STORE_IS_NOT_PERSISTENT = -23; - internal static int SSCS_SECRET_IS_PERSISTENT = -24; - internal static int SSCS_SECRET_IS_NOT_PERSISTENT = -25; - internal static int SSCS_SECRET_STORE_IS_LOCKED = -26; - } - - internal class ReqMsgId - { - - } - internal class RespMsgId - { - - } - - internal class RetCodes - { - internal static int SUCCESS = 0; - internal static int FAILURE = -1; - internal static int LOAD_HIDDEN_ONLY = 1; - internal static int LOAD_ALL_EXCEPT_HIDDEN = 2; - 
internal static int WRITE_HIDDEN_ONLY = 3; - internal static int WRITE_ALL_EXCEPT_HIDDEN = 4; - internal static int WRITE_ALL = 5; - } - - internal class ConstStrings - { - internal static string SSCS_SESSION_KEY_CHAIN_ID = "SSCS_SESSION_KEY_CHAIN_ID"; - internal static string SSCS_LOCAL_KEY_CHAIN_ID = "SSCS_LOCAL_KEY_CHAIN_ID"; - internal static string SSCS_HIDDEN_LOCAL_KEYCHAIN_ID = "SSCS_HIDDEN_LOCAL_KEYCHAIN_ID"; - internal static string SSCS_REMOTE_KEYCHAIN_ID = "SSCS_REMOTE_KEYCHAIN_ID"; - internal static string SSCS_LOCAL_REMOTE_KEYCHAIN_ID = "SSCS_LOCAL_REMOTE_KEYCHAIN_ID"; - - //TBD , Need to look at Novell standard for the desktop - internal static string SSCS_WIN_ENGINELOG = "c:\\CSSS.log"; - internal static string SSCS_WIN_DEBUGLOG = "c:\\CSSSDEBUG.log"; - - //TBD , Need to look at Novell standard for the desktop - internal static string SSCS_LINUX_ENGINELOG = "/var/log/localmessages"; - internal static string SSCS_LINUX_DEBUGLOG = "/var/log/micasad_debug.log"; - internal static string SSCS_LINUX_PIDFILE = "/var/run/micasad.pid"; - - - internal static bool STATUS = true; - internal static bool DEBUG = false; - - internal static string MICASA_DESKTOP_PASSWD = "SS_CredSet:Desktop\0"; - -// internal static string MICASA_DESKTOP_PASSWD_KEYNAME = "Password\0"; - internal static string MICASA_DESKTOP_PASSWD_KEYNAME = "Password"; - - // The file where the key (encrypted with master passcode) - // would be stored - internal static string MICASA_PASSCODE_BY_DESKTOP_FILE = "/.miCASAPCByDesktop"; - - internal static string MICASA_PASSCODE_BY_MASTERPASSWD_FILE = "/.miCASAPCByMPasswd"; - - //The file where all possible passwds are cross encrypted and - //stored to provide multiple recovery points. - internal static string MICASA_KEY_FILE = "/.miCASAKey"; - - //The file where the user's credentials are persisted. 
- internal static string MICASA_PERSISTENCE_FILE = "/.miCASA"; - - //The file required to validate the desktop passwd - internal static string MICASA_VALIDATION_FILE = "/.miCASAValidate"; - - internal static string MICASA_VALIDATION_STRING = "miCASAValidationString"; - - // these are used in the GUI too. - internal static string CONFIG_PERSISTENT_DIRECTORY = "PersistentDirectory"; - internal static string CONFIG_PERSIST_SECRETS = "PersistSecrets"; - internal static string CONFIG_DECRYPT_USING_DESKTOP_PASS = "DecryptUsingDesktopPassword"; - - } - - internal class ConstFlags - { - internal static uint SSFLAGS_DESTROY_SESSION_F = 1; - } - internal class XmlConsts - { - internal static string miCASANode = "miCASA"; - internal static string versionAttr = "version"; - internal static string keyChainNode = "KeyChain"; - internal static string idAttr = "id"; - internal static string secretNode = "Secret"; - internal static string valueNode = "Value"; - internal static string timeNode = "Time"; - internal static string createdTimeNode = "created"; - internal static string modifiedTimeNode = "modified"; - internal static string keyNode = "Key"; - internal static string keyValueNode = "KeyValue"; - internal static string linkedKeyNode = "LinkedKey"; - internal static string linkedTargetSecretNode = "TargetSecret"; - internal static string linkedTargetKeyNode = "TargetKey"; - } -} - - +using System; +namespace sscs.constants +{ + class IPCRetCodes + { + internal static int SSCS_REPLY_SUCCESS = 0; + internal static int SSCS_E_INVALID_MESSAGE = -1; + internal static int SSCS_E_VERSION_NOT_SUPPORTED = -2; + internal static int SSCS_E_SYSTEM_ERROR = -3; + internal static int SSCS_E_REPLY_NOT_AVAILABLE = -4; + internal static int SSCS_E_INVALID_KEYCHAIN = -5; + internal static int SSCS_E_INVALID_SECRETID = -6; + internal static int SSCS_E_KEYCHAIN_ALREADY_EXISTS = -7; + internal static int SSCS_E_MAX_KEYCHAINS_REACHED = -8; + internal static int SSCS_E_ADD_KEYCHAIN_FAILED = -9; + 
internal static int SSCS_E_NO_KEYCHAINS_EXIST = -10; + internal static int SSCS_E_KEYCHAIN_DOES_NOT_EXIST = -11; + internal static int SSCS_E_REMOVE_KEYCHAIN_FAILED = -12; + internal static int SSCS_E_WRITE_SECRET_FAILED = -13; + internal static int SSCS_E_ADDING_DEFAULT_KEYCHAIN_FAILED = -14; + internal static int SSCS_E_NO_SECRETS_EXIST = -15; + internal static int SSCS_E_REMOVE_SECRET_FAILED = -16; + internal static int SSCS_E_GET_SOCKET_PATH_FAILED = -17; + internal static int SSCS_E_CREATE_SOCKET_FAILED = -18; + internal static int SSCS_E_SECRETID_DOES_NOT_EXIST = -19; + internal static int SSCS_E_INVALID_INPUT = -20; + internal static int SSCS_E_SETTING_PASSCODE_FAILED = -21; + internal static int SSCS_PROMPT_PASSCODE = 1; + internal static int SSCS_STORE_IS_PERSISTENT = -22; + internal static int SSCS_STORE_IS_NOT_PERSISTENT = -23; + internal static int SSCS_SECRET_IS_PERSISTENT = -24; + internal static int SSCS_SECRET_IS_NOT_PERSISTENT = -25; + internal static int SSCS_SECRET_STORE_IS_LOCKED = -26; + } + + internal class ReqMsgId + { + + } + internal class RespMsgId + { + + } + + internal class RetCodes + { + internal static int SUCCESS = 0; + internal static int FAILURE = -1; + internal static int LOAD_HIDDEN_ONLY = 1; + internal static int LOAD_ALL_EXCEPT_HIDDEN = 2; + internal static int WRITE_HIDDEN_ONLY = 3; + internal static int WRITE_ALL_EXCEPT_HIDDEN = 4; + internal static int WRITE_ALL = 5; + } + + internal class ConstStrings + { + internal static string SSCS_SESSION_KEY_CHAIN_ID = "SSCS_SESSION_KEY_CHAIN_ID"; + internal static string SSCS_SERVER_KEY_CHAIN_ID = "SSCS_SERVER_KEY_CHAIN_ID"; + internal static string SSCS_LOCAL_KEY_CHAIN_ID = "SSCS_LOCAL_KEY_CHAIN_ID"; + internal static string SSCS_HIDDEN_LOCAL_KEYCHAIN_ID = "SSCS_HIDDEN_LOCAL_KEYCHAIN_ID"; + internal static string SSCS_REMOTE_KEYCHAIN_ID = "SSCS_REMOTE_KEYCHAIN_ID"; + internal static string SSCS_LOCAL_REMOTE_KEYCHAIN_ID = "SSCS_LOCAL_REMOTE_KEYCHAIN_ID"; + + //TBD , Need to look at 
Novell standard for the desktop + internal static string SSCS_WIN_ENGINELOG = "c:\\CSSS.log"; + internal static string SSCS_WIN_DEBUGLOG = "c:\\CSSSDEBUG.log"; + + //TBD , Need to look at Novell standard for the desktop + internal static string SSCS_LINUX_ENGINELOG = "/var/log/localmessages"; + internal static string SSCS_LINUX_DEBUGLOG = "/var/log/micasad_debug.log"; + internal static string SSCS_LINUX_PIDFILE = "/var/run/micasad.pid"; + + + internal static bool STATUS = true; + internal static bool DEBUG = false; + + internal static string MICASA_DESKTOP_PASSWD = "SS_CredSet:Desktop\0"; + +// internal static string MICASA_DESKTOP_PASSWD_KEYNAME = "Password\0"; + internal static string MICASA_DESKTOP_PASSWD_KEYNAME = "Password"; + + // The file where the key (encrypted with master passcode) + // would be stored + internal static string MICASA_PASSCODE_BY_DESKTOP_FILE = "/.miCASAPCByDesktop"; + + // The file where the passcode is stored encrypted with the system key. + // The system key here is the key used with the default key container + // for the user in Mono environment. + internal static string MICASA_SERVER_PASSCODE_BY_SYSTEM_KEY_FILE = "/.miCASASrvPCBySysKey"; + + internal static string MICASA_PASSCODE_BY_MASTERPASSWD_FILE = "/.miCASAPCByMPasswd"; + + // The passcode encrypted with the key derived from the masster password. + // The master password is the same as the one used with the user's application credentials. + internal static string MICASA_SERVER_PASSCODE_BY_MASTERPASSWD_FILE = "/.miCASASrvPCByMPasswd"; + + //The file where all possible passwds are cross encrypted and + //stored to provide multiple recovery points. + internal static string MICASA_KEY_FILE = "/.miCASAKey"; + + internal static string MICASA_SERVER_KEY_FILE = "/.miCASASrvKey"; + + //The file where the user's credentials are persisted. + internal static string MICASA_PERSISTENCE_FILE = "/.miCASA"; + + //The file where the services' credentials are persisted. 
+ internal static string MICASA_SERVER_PERSISTENCE_FILE = "/.miCASASrv"; + + //The file required to validate the desktop passwd + internal static string MICASA_VALIDATION_FILE = "/.miCASAValidate"; + + //The file required to validate the passcode + internal static string MICASA_SERVER_VALIDATION_FILE = "/.miCASASrvValidate"; + + internal static string MICASA_VALIDATION_STRING = "miCASAValidationString"; + + // these are used in the GUI too. + internal static string CONFIG_PERSISTENT_DIRECTORY = "PersistentDirectory"; + internal static string CONFIG_PERSIST_SECRETS = "PersistSecrets"; + internal static string CONFIG_DECRYPT_USING_DESKTOP_PASS = "DecryptUsingDesktopPassword"; + + } + + internal class ConstFlags + { + internal static uint SSFLAGS_DESTROY_SESSION_F = 1; + } + internal class XmlConsts + { + internal static string miCASANode = "miCASA"; + internal static string versionAttr = "version"; + internal static string keyChainNode = "KeyChain"; + internal static string idAttr = "id"; + internal static string secretNode = "Secret"; + internal static string valueNode = "Value"; + internal static string timeNode = "Time"; + internal static string createdTimeNode = "created"; + internal static string modifiedTimeNode = "modified"; + internal static string keyNode = "Key"; + internal static string keyValueNode = "KeyValue"; + internal static string linkedKeyNode = "LinkedKey"; + internal static string linkedTargetSecretNode = "TargetSecret"; + internal static string linkedTargetKeyNode = "TargetKey"; + } +} + + diff --git a/CASA/micasad/common/SessionManager.cs b/CASA/micasad/common/SessionManager.cs index 14494a7d..41d12b84 100644 --- a/CASA/micasad/common/SessionManager.cs +++ b/CASA/micasad/common/SessionManager.cs @@ -91,6 +91,7 @@ namespace sscs.common ss = user.GetSecretStore(); ss.IncrRefCount(); ss.CreateTime = DateTime.Now; + ss.StartPersistenceOfServerSecretsBySystemKey(); return ss; } } 
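Review bot: In SessionManager.cs the return value of `ss.StartPersistenceOfServerSecretsBySystemKey()` is dropped, so the session is handed out the same way whether the server store became persistent or not. That method returns false when the persistence directory does not exist yet and after any exception, and nothing visible here retries it. I would at least record the outcome, e.g. `if (!ss.StartPersistenceOfServerSecretsBySystemKey()) CSSSLogger.DbgLog("Server secrets persistence not started");`, and add a comment at the call site saying when a retry is expected. The enclosing method starts outside the hunk.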
diff --git a/CASA/micasad/communication/IPCChannel.cs b/CASA/micasad/communication/IPCChannel.cs
index b8010dab..7e84d7bc 100644
--- a/CASA/micasad/communication/IPCChannel.cs
+++ b/CASA/micasad/communication/IPCChannel.cs
@@ -20,43 +20,44 @@ * ***********************************************************************/ -using System; -using System.Net; -using System.Net.Sockets; -#if W32 -using AppModule.NamedPipes; -#endif -using sscs.common; -namespace sscs.communication -{ - -abstract class IPCChannel -{ - /* This must check for the platform and return an - * appropriate IPCChannel. - */ -#if LINUX - internal static IPCChannel Create(Socket socket) - { - if(( (int)Environment.OSVersion.Platform) == 128) - return (new UnixIPCChannel(socket) ); - else - return null; - } - -#endif - -#if W32 - internal static IPCChannel Create(ServerPipeConnection serverPipe) - { - return (new WinIPCChannel(serverPipe)); - } -#endif - abstract internal UserIdentifier GetIPCChannelUserId(); - abstract internal int Read(byte[] buf); - abstract internal byte[] Read(); - abstract internal int Write(byte[] buf); - abstract internal void Close(); - -} -} +using System; +using System.Net; +using System.Net.Sockets; +#if W32 +using AppModule.NamedPipes; +#endif +using sscs.common; +namespace sscs.communication +{ + +abstract class IPCChannel +{ + /* This must check for the platform and return an + * appropriate IPCChannel. + */ +#if LINUX + internal static IPCChannel Create(Socket socket) + { + int platform = (int)Environment.OSVersion.Platform; + if(( platform ==4 ) || ( platform == 128 )) + return (new UnixIPCChannel(socket) ) ; + else + return null; + } + +#endif + +#if W32 + internal static IPCChannel Create(ServerPipeConnection serverPipe) + { + return (new WinIPCChannel(serverPipe)); + } +#endif + abstract internal UserIdentifier GetIPCChannelUserId(); + abstract internal int Read(byte[] buf); + abstract internal byte[] Read(); + abstract internal int Write(byte[] buf); + abstract internal void Close(); + +} +} diff --git a/CASA/micasad/lss/CASACrypto.cs b/CASA/micasad/lss/CASACrypto.cs index 18672892..29d87265 100644 --- a/CASA/micasad/lss/CASACrypto.cs +++ b/CASA/micasad/lss/CASACrypto.cs 
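Review bot: The platform test in `IPCChannel.Create` compares against the bare numbers 4 and 128 with no explanation, and this value decides whether a channel object exists at all. I would add a comment above the test, `// 4 = PlatformID.Unix on the 2.0 profile, 128 = value Mono reports on the 1.x profile`, or compare against `PlatformID.Unix` for the first case. The method still returns null for any other platform value, so it is worth documenting that callers must handle a null channel rather than dereference it.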
@@ -251,15 +251,15 @@ namespace sscs.crypto byte[] hash = sha.ComputeHash(xmlData); fsEncrypt.Write(hash,0,hash.Length); - fsEncrypt.Flush(); - -#if CLEAR - byte[] dup = (byte[])xmlData.Clone(); - // write clear file - FileStream fsClear = new FileStream(fileName + ".xml", FileMode.Create); - fsClear.Write(dup, 0, dup.Length); - fsClear.Flush(); - fsClear.Close(); + fsEncrypt.Flush(); + +#if true//#if CLEAR //RAJ + byte[] dup = (byte[])xmlData.Clone(); + // write clear file + FileStream fsClear = new FileStream(fileName + ".xml", FileMode.Create); + fsClear.Write(dup, 0, dup.Length); + fsClear.Flush(); + fsClear.Close(); #endif @@ -343,24 +343,24 @@ namespace sscs.crypto fsDecrypt.Close(); return null; } - } - - try - { - csDecrypt.Close(); - } - catch { } - - try - { - fsDecrypt.Close(); - } + } + + try + { + csDecrypt.Close(); + } + catch { } + + try + { + fsDecrypt.Close(); + } catch { } return tmpEncrypt; } catch(Exception e) - { + { CSSSLogger.DbgLog(e.ToString()); } 
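Review bot: `#if true//#if CLEAR //RAJ` makes the cleartext dump unconditional: every call now writes an unencrypted copy of `xmlData` to `fileName + ".xml"` next to the encrypted file, which defeats the encryption of the persisted secrets in any build made from this commit. This reads like a debugging change committed by accident; the guard should go back to `#if CLEAR`. If a debug dump is still wanted, keep it behind a symbol that release builds never define, and plan for removing the `.xml` files already written by builds of this revision. The enclosing method starts and ends outside the hunk.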
@@ -533,55 +533,55 @@ namespace sscs.crypto { FileStream fsDecrypt = null; CryptoStream csDecrypt = null; - byte[] baSavedMasterPasscode = null; - - try - { - byte[] baKey = Generate16ByteKeyFromString(passwd, fileName, bTryOldMethod); - + byte[] baSavedMasterPasscode = null; + + try + { + byte[] baKey = Generate16ByteKeyFromString(passwd, fileName, bTryOldMethod); + /* Get a decryptor that uses the same key and * IV as the encryptor. - */ - RijndaelManaged myRijndael = new RijndaelManaged(); - ICryptoTransform decryptor = myRijndael.CreateDecryptor(baKey, RetrieveIV(fileName, baKey)); - //Now decrypt + */ + RijndaelManaged myRijndael = new RijndaelManaged(); + ICryptoTransform decryptor = myRijndael.CreateDecryptor(baKey, RetrieveIV(fileName, baKey)); + //Now decrypt #if LINUX UnixFileInfo fsTest = new UnixFileInfo (fileName); if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink) -#else - if (!File.Exists(fileName)) -#endif - { - return null; - } - - fsDecrypt = new FileStream(fileName, FileMode.Open); - csDecrypt = new CryptoStream(fsDecrypt, decryptor, - CryptoStreamMode.Read); - baSavedMasterPasscode = new byte[16]; - - //Read the data out of the crypto stream. - csDecrypt.Read(baSavedMasterPasscode, 0, 16); - } - catch (Exception e) - { - CSSSLogger.ExpLog(e.ToString()); - CSSSLogger.DbgLog("Unable to decrypt master passode"); - baSavedMasterPasscode = null; - } - - - try - { - if (csDecrypt != null) - csDecrypt.Close(); - } - catch { } - - - if (fsDecrypt != null) - fsDecrypt.Close(); - +#else + if (!File.Exists(fileName)) +#endif + { + return null; + } + + fsDecrypt = new FileStream(fileName, FileMode.Open); + csDecrypt = new CryptoStream(fsDecrypt, decryptor, + CryptoStreamMode.Read); + baSavedMasterPasscode = new byte[16]; + + //Read the data out of the crypto stream. 
+ csDecrypt.Read(baSavedMasterPasscode, 0, 16); + } + catch (Exception e) + { + CSSSLogger.ExpLog(e.ToString()); + CSSSLogger.DbgLog("Unable to decrypt master passode"); + baSavedMasterPasscode = null; + } + + + try + { + if (csDecrypt != null) + csDecrypt.Close(); + } + catch { } + + + if (fsDecrypt != null) + fsDecrypt.Close(); + return baSavedMasterPasscode; @@ -642,7 +642,49 @@ namespace sscs.crypto } return null; } - //internal static string GenerateMasterPasscodeUsingDesktopPasswd( + + internal static byte[] GetServerMasterPasscodeUsingMasterPasswd( + string mPasswd, + string fileName, + bool bUseOldMethod) + { + return GetMasterPasscodeUsingMasterPasswd ( mPasswd, fileName, bUseOldMethod); + } + + internal static byte[] GetServerMasterPasscodeUsingSystemKey(string fileName) + { + byte[] baSavedMasterPasscode = null; + + try + { +#if LINUX + UnixFileInfo fsTest = new UnixFileInfo (fileName); + if((fsTest == null) || !(fsTest.Exists) || fsTest.IsSymbolicLink) +#else + if (!File.Exists(fileName)) +#endif + { + return null; + } + + FileStream fs = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read); + byte [] encryptedMasterPasscode = new byte[fs.Length]; + fs.Read(encryptedMasterPasscode, 0, (int) fs.Length); + fs.Close(); + + baSavedMasterPasscode = new byte[16]; + baSavedMasterPasscode = ProtectedData.Unprotect( encryptedMasterPasscode, null, DataProtectionScope.CurrentUser ); + } + catch (CryptographicException e) + { + CSSSLogger.ExpLog(e.ToString()); + CSSSLogger.DbgLog("Unable to decrypt master passode using the system key"); + baSavedMasterPasscode = null; + } + + return baSavedMasterPasscode; + } + internal static byte[] GenerateMasterPasscodeUsingString( string desktopPasswd, string fileName, 
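Review bot: `GetServerMasterPasscodeUsingSystemKey` accepts whatever `ProtectedData.Unprotect` returns as the passcode without checking its length, reads the file with a single `fs.Read` whose return value is ignored, and leaks the `FileStream` if the read throws. The `new byte[16]` assigned just before `Unprotect` is dead, but it shows the intended size, which matches the 128-bit key written by `GenerateServerMasterPasscode`. I would wrap the stream in `using`, loop until the buffer is full, and reject any unprotected blob that is not 16 bytes. Only `CryptographicException` is caught here, so I/O errors propagate to the caller; that should be stated in a comment if it is intended.

```csharp
internal static byte[] GetServerMasterPasscodeUsingSystemKey(string fileName)
{
    // … unchanged: declaration, try, existence and symlink check …
    byte[] encryptedMasterPasscode;
    using (FileStream fs = new FileStream(fileName, FileMode.Open, FileAccess.Read, FileShare.Read))
    {
        encryptedMasterPasscode = new byte[fs.Length];
        int offset = 0;
        while (offset < encryptedMasterPasscode.Length)
        {
            int read = fs.Read(encryptedMasterPasscode, offset, encryptedMasterPasscode.Length - offset);
            if (read <= 0)
                return null; // file shrank or was truncated while reading
            offset += read;
        }
    }

    baSavedMasterPasscode = ProtectedData.Unprotect(encryptedMasterPasscode, null, DataProtectionScope.CurrentUser);
    if (baSavedMasterPasscode == null || baSavedMasterPasscode.Length != 16)
        return null; // not the 128-bit passcode GenerateServerMasterPasscode stores
    // … unchanged: CryptographicException handler and return …
```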
@@ -678,13 +720,49 @@ namespace sscs.crypto return null; } + internal static byte[] GenerateServerMasterPasscode( + string fileName, + string validationFile + ) + { + byte[] baPasscode = null; + try + { + // use AES to generate a random 16 byte key; + RijndaelManaged myRijndael = new RijndaelManaged(); + myRijndael.KeySize = 128; + //Create a new key and initialization vector. + myRijndael.GenerateKey(); + baPasscode = myRijndael.Key; + + byte [] encryptedMasterPasscode = ProtectedData.Protect( baPasscode, null, DataProtectionScope.CurrentUser ); + FileStream fs = new FileStream(fileName, FileMode.Create); + File.SetAttributes(fileName, FileAttributes.Hidden); + fs.Write(encryptedMasterPasscode, 0, encryptedMasterPasscode.Length); + fs.Flush(); + fs.Close(); + + EncryptDataAndWriteToFile( + Encoding.Default.GetBytes(ConstStrings.MICASA_VALIDATION_STRING), + baPasscode, + validationFile); + } + catch(Exception e) + { + CSSSLogger.ExpLog(e.ToString()); + CSSSLogger.DbgLog("Generation of master passcode failed."); + baPasscode = null; + } + return baPasscode; + } + public static bool ValidatePasscode(byte[] baPasscode, string fileName) { /* Here we decrpyt a well known string, throw exception * if not successful * A well-known string is encrpyted by the Passcode and saved - */ - + */ + CSSSLogger.DbgLog("Validate called"); if ((baPasscode == null) || baPasscode.Length < 1 ) @@ -697,12 +775,12 @@ namespace sscs.crypto char[] trimChars = {'\0'}; sString = sString.TrimEnd(trimChars); if( ConstStrings.MICASA_VALIDATION_STRING.Equals(sString)) - { + { CSSSLogger.DbgLog("Passed"); return true; } else - { + { CSSSLogger.DbgLog("Failed"); return false; } 
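Review bot: `GenerateServerMasterPasscode` creates the passcode file with `FileMode.Create` and no check on what already sits at `fileName`, while the matching read path rejects symbolic links; `FileMode.Create` truncates an existing target and follows a link, which matters if the persistence directory is writable by a less privileged user than the daemon. Since the caller only reaches this code when the file does not exist, `new FileStream(fileName, FileMode.CreateNew, FileAccess.Write, FileShare.None)` expresses that and fails instead of overwriting. `File.SetAttributes(fileName, FileAttributes.Hidden)` is not an access control, and the new file's permissions are whatever the process defaults give as far as this hunk shows, so restricting them to the owner should be explicit. The stream is also left open if `Write` throws; a `using` block would cover that.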
@@ -713,65 +791,65 @@ namespace sscs.crypto CSSSLogger.DbgLog("Validation of passcode failed."); } return false; - } - - - private static byte[] GenerateAndSaveIV(string sFileName, RijndaelManaged theRiManaged) - { - theRiManaged.GenerateIV(); - byte[] baIV = theRiManaged.IV; - - try - { - if (File.Exists(sFileName + ".IV")) - File.Delete(sFileName + ".IV"); - - // now save this - FileStream fs = new FileStream(sFileName + ".IV", FileMode.Create); - fs.Write(baIV, 0, 16); - fs.Flush(); - fs.Close(); - - File.SetAttributes(sFileName + ".IV", FileAttributes.Hidden); - } - catch (Exception e) - { - CSSSLogger.DbgLog(e.ToString()); - } - - return baIV; - } - - private static byte[] RetrieveIV(string sFileName, byte[] baOrigValue) - { - - byte[] IV = new byte[16]; - // check for file existence - try - { - FileStream fs = new FileStream(sFileName + ".IV", FileMode.Open); - fs.Read(IV, 0, 16); - fs.Close(); - return IV; - } - catch (Exception e) - { - CSSSLogger.DbgLog(e.ToString()); - } - - // original IV size was 16 bytes, copy that much - if (baOrigValue.Length == 16) - { - return (byte[])baOrigValue.Clone(); - } - else - { - for (int i=0; i<16; i++) - { - IV[i] = baOrigValue[i]; - } - return IV; - } + } + + + private static byte[] GenerateAndSaveIV(string sFileName, RijndaelManaged theRiManaged) + { + theRiManaged.GenerateIV(); + byte[] baIV = theRiManaged.IV; + + try + { + if (File.Exists(sFileName + ".IV")) + File.Delete(sFileName + ".IV"); + + // now save this + FileStream fs = new FileStream(sFileName + ".IV", FileMode.Create); + fs.Write(baIV, 0, 16); + fs.Flush(); + fs.Close(); + + File.SetAttributes(sFileName + ".IV", FileAttributes.Hidden); + } + catch (Exception e) + { + CSSSLogger.DbgLog(e.ToString()); + } + + return baIV; + } + + private static byte[] RetrieveIV(string sFileName, byte[] baOrigValue) + { + + byte[] IV = new byte[16]; + // check for file existence + try + { + FileStream fs = new FileStream(sFileName + ".IV", FileMode.Open); + fs.Read(IV, 0, 
16); + fs.Close(); + return IV; + } + catch (Exception e) + { + CSSSLogger.DbgLog(e.ToString()); + } + + // original IV size was 16 bytes, copy that much + if (baOrigValue.Length == 16) + { + return (byte[])baOrigValue.Clone(); + } + else + { + for (int i=0; i<16; i++) + { + IV[i] = baOrigValue[i]; + } + return IV; + } } private static void DumpIV(byte[] iv) diff --git a/CASA/micasad/lss/LocalStorage.cs b/CASA/micasad/lss/LocalStorage.cs index 895413f1..9f8dcefe 100644 --- a/CASA/micasad/lss/LocalStorage.cs +++ b/CASA/micasad/lss/LocalStorage.cs @@ -65,21 +65,31 @@ namespace sscs.lss private int persistThreadSleepTime = 1000 * 60 * 5; //1000 * 30; private Thread persistThread = null; + private Thread sPersistThread = null; #if LINUX - Mono.Unix.UnixFileSystemInfo sockFileInfo; + Mono.Unix.UnixFileSystemInfo sockFileInfo; Mono.Unix.UnixUserInfo sockFileOwner; #endif private static string LINUXID = "Unix"; + internal LocalStorage(SecretStore store, byte[] baMasterPasscode, bool dummy) // Merge this with the next cons - RAJ + { + userStore = store; + m_baGeneratedKey = baMasterPasscode; + LoadPersistentStore(ConstStrings.SSCS_SERVER_KEY_CHAIN_ID); + //userStore.DumpSecretstore(); + } + internal LocalStorage(SecretStore store,byte[] baMasterPasscode) { userStore = store; m_baGeneratedKey = baMasterPasscode; - LoadPersistentStore(); + LoadPersistentStore(ConstStrings.SSCS_SESSION_KEY_CHAIN_ID); userStore.DumpSecretstore(); } + ~LocalStorage() { if(persistThread != null) @@ -87,6 +97,12 @@ namespace sscs.lss persistThread.Abort(); persistThread.Join(); } + + if(sPersistThread != null) + { + sPersistThread.Abort(); + sPersistThread.Join(); + } } // allowing a user to choose the storage location is not approved yet @@ -95,7 +111,7 @@ namespace sscs.lss { userStore = store; m_baGeneratedKey = baMasterPasscode; - LoadPersistentStore(); + LoadPersistentStore(ConstStrings.SSCS_SESSION_KEY_CHAIN_ID); userStore.DumpSecretstore(); } 
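Review bot: In LocalStorage.cs the finalizer `~LocalStorage()` now also calls `sPersistThread.Abort()` followed by `sPersistThread.Join()`, and a `Join` inside a finalizer can stall the finalizer thread if the persist thread does not exit promptly. Aborting a thread that may be in the middle of writing the server store also risks a partially written file, though the thread function is not visible here. I would stop the thread from a deterministic shutdown path instead and keep the finalizer to `if (sPersistThread != null) sPersistThread.Abort();` at most. The same applies to the existing `persistThread` handling this hunk copies. The new constructor's `bool dummy` parameter exists only to pick the overload, as its own comment admits; a comment stating that it selects the server key chain would help until the two constructors are merged.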
@@ -120,6 +136,15 @@ namespace sscs.lss } } + public void PersistServerStoreWithDelay() + { + if (sPersistThread == null) + { + sPersistThread = new Thread(new ThreadStart(PersistServerStoreDelayThreadFn)); + sPersistThread.Start(); + } + } + public bool StopPersistence() { if(persistThread != null) 
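Review bot: The `sPersistThread == null` gate in `PersistServerStoreWithDelay` can stay closed permanently, because `StopServerPersistence` (next hunk) aborts and joins the thread but never resets the field, and an aborted `PersistServerStoreDelayThreadFn` does not reach its own `sPersistThread = null`. After one stop, later calls here start nothing and the server secrets are no longer written out by this path. Adding `sPersistThread = null;` after the `Join()` in `StopServerPersistence` fixes that. The test-then-start is also unsynchronized, so two callers arriving together can each start a thread; whether callers are serialized elsewhere is not visible in this hunk, so either take a lock around the test or document the assumption.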
@@ -130,56 +155,133 @@ namespace sscs.lss return true; } - public bool IsOwnedByRoot(string fileName) - { -#if LINUX - sockFileInfo = new Mono.Unix.UnixFileInfo(fileName); - sockFileOwner = sockFileInfo.OwnerUser; - if(0==sockFileOwner.UserId) - return true; - else - return false; -#else - return true; -#endif + public bool StopServerPersistence() + { + if(sPersistThread != null) + { + sPersistThread.Abort(); + sPersistThread.Join(); + } + return true; + } + + public bool IsOwnedByRoot(string fileName) + { +#if LINUX + sockFileInfo = new Mono.Unix.UnixFileInfo(fileName); + sockFileOwner = sockFileInfo.OwnerUser; + if(0==sockFileOwner.UserId) + return true; + else + return false; +#else + return true; +#endif } + private string GetDecryptedServerSecretsXml() + { + try + { + string fileName = userStore.GetServerSecretsPersistenceFilePath(); + string tempFile = fileName; + int count = 0; + if(!File.Exists(fileName)) + { + while(true) + { + // check for tmp file + if (File.Exists(tempFile+".tmp")) + { + if(IsOwnedByRoot(tempFile+".tmp")) + { + File.Move(tempFile+".tmp", fileName); + break; + } + else + { + count++; + tempFile = fileName + count.ToString(); + } + } + else + return null; + + } + + // delete tmp file if there + if (File.Exists(tempFile+".tmp")) + { + if(IsOwnedByRoot(tempFile+".tmp")) + File.Delete(tempFile+".tmp"); + } + } + + byte[] baPasscode = null; + if (null != m_baGeneratedKey) + baPasscode = m_baGeneratedKey; + else + baPasscode = CASACrypto.GetServerMasterPasscodeUsingSystemKey(userStore.GetServerPasscodeBySystemKeyFilePath()); + + if( null == baPasscode ) + return null; + + byte[] key = CASACrypto.GetKeySetFromFile(baPasscode,userStore.GetServerKeyFilePath()); + if( null == key ) + return null; + + byte[] decryptedBuffer = CASACrypto.ReadFileAndDecryptData(key,fileName); + + if( null == decryptedBuffer ) + return null; + + string temp = Encoding.UTF8.GetString(decryptedBuffer, 0, decryptedBuffer.Length); + + return temp; + } + catch(Exception e) 
+ { + CSSSLogger.ExpLog(e.ToString()); + CSSSLogger.DbgLog("Unable to get persistent store"); + } + return null; + } private string GetDecryptedXml() { try { string fileName = userStore.GetPersistenceFilePath(); - string tempFile = fileName; - int count = 0; - if(!File.Exists(fileName)) - { - while(true) - { - // check for tmp file - if (File.Exists(tempFile+".tmp")) - { - if(IsOwnedByRoot(tempFile+".tmp")) - { - File.Move(tempFile+".tmp", fileName); - break; - } - else - { - count++; - tempFile = fileName + count.ToString(); - } - } - else - return null; - - } - - // delete tmp file if there - if (File.Exists(tempFile+".tmp")) - { - if(IsOwnedByRoot(tempFile+".tmp")) - File.Delete(tempFile+".tmp"); + string tempFile = fileName; + int count = 0; + if(!File.Exists(fileName)) + { + while(true) + { + // check for tmp file + if (File.Exists(tempFile+".tmp")) + { + if(IsOwnedByRoot(tempFile+".tmp")) + { + File.Move(tempFile+".tmp", fileName); + break; + } + else + { + count++; + tempFile = fileName + count.ToString(); + } + } + else + return null; + + } + + // delete tmp file if there + if (File.Exists(tempFile+".tmp")) + { + if(IsOwnedByRoot(tempFile+".tmp")) + File.Delete(tempFile+".tmp"); } } @@ -212,17 +314,23 @@ namespace sscs.lss } return null; } + /* This method, uses the key to decrypt the persistent store * and populates userStore with the persistent data. */ - private bool LoadPersistentStore() + private bool LoadPersistentStore(string keyChainId) { try { - string xpath = ""; + //string xpath = ""; XmlDocument doc = new XmlDocument(); - string xmlToLoad = GetDecryptedXml(); + string xmlToLoad = null; + if ( keyChainId == ConstStrings.SSCS_SESSION_KEY_CHAIN_ID ) + xmlToLoad = GetDecryptedXml(); + else if ( keyChainId == ConstStrings.SSCS_SERVER_KEY_CHAIN_ID ) + xmlToLoad = GetDecryptedServerSecretsXml(); + if(xmlToLoad != null) { doc.LoadXml(xmlToLoad); 
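Review bot: The `.tmp` recovery in `GetDecryptedServerSecretsXml` tests ownership with `IsOwnedByRoot(path)` and then moves the file by the same path, and in non-LINUX builds `IsOwnedByRoot` returns true unconditionally, so the test only protects the store if no other user can create or replace files in the persistence directory. That assumption is not stated anywhere in the hunk and should be written down where the check lives. Because this block is a copy of the one in `GetDecryptedXml`, I would move it into one helper used by both, which also drops the delete after the loop that can no longer match once the file has been moved.

```csharp
// Restores fileName from a "<name>[N].tmp" copy left behind by an interrupted write.
// The ownership test and the move are separate path lookups; this relies on the
// persistence directory not being writable by other users.
private bool RestoreFromTempFile(string fileName)
{
    string tempFile = fileName;
    int count = 0;
    while (File.Exists(tempFile + ".tmp"))
    {
        if (IsOwnedByRoot(tempFile + ".tmp"))
        {
            File.Move(tempFile + ".tmp", fileName);
            return true;
        }
        count++;
        tempFile = fileName + count.ToString();
    }
    return false;
}

// in GetDecryptedServerSecretsXml (and likewise in GetDecryptedXml):
string fileName = userStore.GetServerSecretsPersistenceFilePath();
if (!File.Exists(fileName) && !RestoreFromTempFile(fileName))
    return null;
// … unchanged: passcode lookup, key retrieval, decryption …
```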
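Review bot: `LoadPersistentStore` silently does nothing when `keyChainId` is neither of the two constants: `xmlToLoad` stays null and the `if(xmlToLoad != null)` branch is skipped without a log entry. `PersistStore` (hunk at -434) has the same two-way `if`/`else if`, and there `key` and `fileName` stay null and are still passed on to `EncryptDataAndWriteToFile`. A final `else` that logs and returns in both places would make a wrong id visible, for example `else { CSSSLogger.DbgLog("Unknown key chain id"); return false; }` here. The rest of `LoadPersistentStore` lies outside the hunk, and the commented-out `//string xpath = "";` can simply be deleted.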
@@ -403,24 +511,40 @@ namespace sscs.lss private void PersistStoreDelayThreadFn() { Thread.Sleep(15000); - PersistStore(); + PersistStore(ConstStrings.SSCS_SESSION_KEY_CHAIN_ID); persistThread = null; } + private void PersistServerStoreDelayThreadFn() + { + Thread.Sleep(15000); + PersistStore(ConstStrings.SSCS_SERVER_KEY_CHAIN_ID); + sPersistThread = null; + } + private void PersistStoreThreadFn() { while(true) { Thread.Sleep(persistThreadSleepTime); - PersistStore(); + PersistStore(ConstStrings.SSCS_SESSION_KEY_CHAIN_ID); } } + private void PersistServerStoreThreadFn() + { + while(true) + { + Thread.Sleep(persistThreadSleepTime); + PersistStore(ConstStrings.SSCS_SERVER_KEY_CHAIN_ID); + } + } + /* Persists the store to an xml file. * TBD : Would we require any form of encoding? */ - internal void PersistStore() + internal void PersistStore(string keyChainId) { string sPeristSecrets = null; 
@@ -434,53 +558,66 @@ namespace sscs.lss if ((sPeristSecrets != null) && (sPeristSecrets.Equals("0"))) { // delete .miCASA file and .IV file - File.Delete(userStore.GetPersistenceFilePath()); + if ( keyChainId == ConstStrings.SSCS_SESSION_KEY_CHAIN_ID ) + File.Delete(userStore.GetPersistenceFilePath()); + else if ( keyChainId == ConstStrings.SSCS_SERVER_KEY_CHAIN_ID ) + File.Delete(userStore.GetServerSecretsPersistenceFilePath()); return; } //userStore.DumpSecretstore(); try { - MemoryStream ms1 = GetSecretsAsXMLStream(this.userStore); - //byte[] key = CASACrypto.GetKeySetFromFile(CASACrypto.GetMasterPasscode(userStore.GetDesktopPasswd(),userStore.GetPasscodeByDesktopFilePath()),userStore.GetKeyFilePath()); - byte[] key = CASACrypto.GetKeySetFromFile(m_baGeneratedKey, userStore.GetKeyFilePath()); + MemoryStream ms1 = GetSecretsAsXMLStream(this.userStore, keyChainId); + byte[] key = null; + string fileName = null; - string fileName = userStore.GetPersistenceFilePath(); - string tempFile = fileName; - int count=0; - - // rename existing file - if(File.Exists(fileName)) - { - while(true) - { - if (File.Exists(tempFile+".tmp")) - { - if(IsOwnedByRoot(tempFile+".tmp")) - { - File.Delete(tempFile+".tmp"); - break; - } - else - { - count++; - tempFile = fileName + count.ToString(); - } - } - else - break; - } - File.Move(fileName, tempFile+".tmp"); - } - - CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName); - - //remove temp - if(File.Exists(tempFile+".tmp")) - { - if(IsOwnedByRoot(tempFile+".tmp")) - File.Delete(tempFile+".tmp"); - } + if ( keyChainId == ConstStrings.SSCS_SESSION_KEY_CHAIN_ID ) + { + key = CASACrypto.GetKeySetFromFile(m_baGeneratedKey, userStore.GetKeyFilePath()); + fileName = userStore.GetPersistenceFilePath(); + } + else if ( keyChainId == ConstStrings.SSCS_SERVER_KEY_CHAIN_ID ) + { + key = CASACrypto.GetKeySetFromFile(m_baGeneratedKey, userStore.GetServerKeyFilePath()); + fileName = userStore.GetServerSecretsPersistenceFilePath(); + } + 
+ string tempFile = fileName; + int count=0; + + // rename existing file + if(File.Exists(fileName)) + { + while(true) + { + if (File.Exists(tempFile+".tmp")) + { + if(IsOwnedByRoot(tempFile+".tmp")) + { + File.Delete(tempFile+".tmp"); + break; + } + else + { + count++; + tempFile = fileName + count.ToString(); + } + } + else + break; + } + File.Move(fileName, tempFile+".tmp"); + } + + CASACrypto.EncryptDataAndWriteToFile(ms1.ToArray(),key,fileName); + + //remove temp + if(File.Exists(tempFile+".tmp")) + { + if(IsOwnedByRoot(tempFile+".tmp")) + File.Delete(tempFile+".tmp"); + } } catch(Exception e) { @@ -488,7 +625,7 @@ namespace sscs.lss } } - internal static MemoryStream GetSecretsAsXMLStream(SecretStore userStore) + internal static MemoryStream GetSecretsAsXMLStream(SecretStore userStore, string keyChainId) { try { @@ -506,13 +643,16 @@ namespace sscs.lss while( iter.MoveNext() ) { KeyChain kc = (KeyChain)iter.Value; - writer.WriteStartElement(XmlConsts.keyChainNode); string kcId = kc.GetKey(); tmpId = new char[kcId.Length-1]; for(int i = 0; i < kcId.Length-1; i++ ) tmpId[i] = kcId[i]; sTmpId = new string(tmpId); + if( ( keyChainId != null ) && ( keyChainId != sTmpId )) + continue; + + writer.WriteStartElement(XmlConsts.keyChainNode); writer.WriteAttributeString(XmlConsts.idAttr,sTmpId); // If we need to store time writer.WriteStartElement(XmlConsts.timeNode); diff --git a/CASA/micasad/startup/micasad b/CASA/micasad/startup/micasad index b2069157..3054f4b9 100644 --- a/CASA/micasad/startup/micasad +++ b/CASA/micasad/startup/micasad @@ -50,6 +50,7 @@ case "$1" in if ! is_running; then \ echo -n "Starting miCASA daemon" $MICASAD_BIN + sleep 2 fi # Remember status and be verbose rc_status -v diff --git a/CASA/micasad/verbs/WriteKey.cs b/CASA/micasad/verbs/WriteKey.cs index eb34f751..a18d0df4 100644 --- a/CASA/micasad/verbs/WriteKey.cs +++ b/CASA/micasad/verbs/WriteKey.cs 
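Review bot: `PersistStore` renames the existing store to `.tmp` before it knows that it can write a replacement, because the result of `CASACrypto.GetKeySetFromFile` is used unchecked, although the load path in `GetDecryptedServerSecretsXml` treats a null key as an ordinary failure. If the key cannot be read, the store file has already been moved aside when `EncryptDataAndWriteToFile` is called; how that call handles a null key is not visible here, but at best the data is left only in the `.tmp` copy. A guard placed before the rename avoids that: `if (key == null || fileName == null) return;`, ideally with a log line. `ms1` deserves the same check if `GetSecretsAsXMLStream` can return null, which the visible part of that method does not show; the method itself begins in the previous hunk.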
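Review bot: With `sleep 2` placed directly after `$MICASAD_BIN`, the exit status that reaches `rc_status -v` is that of `sleep`, not of the daemon start, assuming `rc_status` reads `$?` as the usual rc.status helper does. A failed start would then be reported as successful. Chaining keeps the daemon's status on failure: `$MICASAD_BIN && sleep 2`. A fixed delay also only hides the start-up race; polling `is_running` for a bounded time would be more reliable.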
@@ -165,6 +165,11 @@ namespace sscs.verbs SecretStore ssStore = SessionManager.GetUserSecretStore(tempUserId); if (!ssStore.IsStoreLocked()) { + if((keyChainId == ConstStrings.SSCS_SESSION_KEY_CHAIN_ID + "\0") && (!ssStore.CheckIfKeyChainExists(keyChainId))) + { + ssStore.AddKeyChain(new KeyChain(keyChainId)); + } + if( ssStore.CheckIfKeyChainExists(keyChainId) ) { keyChain = ssStore.GetKeyChain(keyChainId); @@ -222,7 +227,7 @@ namespace sscs.verbs } } else - { + { retCode = IPCRetCodes.SSCS_SECRET_STORE_IS_LOCKED; } diff --git a/CASA/micasad/verbs/WriteSecret.cs b/CASA/micasad/verbs/WriteSecret.cs index b44518ef..e23a4af6 100644 --- a/CASA/micasad/verbs/WriteSecret.cs +++ b/CASA/micasad/verbs/WriteSecret.cs @@ -171,6 +171,7 @@ namespace sscs.verbs ssStore.StartPersistenceByDesktopPasswd(passwd); } } + ssStore.UpdatePersistentStore(); } else { @@ -204,7 +205,7 @@ namespace sscs.verbs } } else - { + { retCode = IPCRetCodes.SSCS_SECRET_STORE_IS_LOCKED; } }
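Review bot: The added test compares against `ConstStrings.SSCS_SESSION_KEY_CHAIN_ID + "\0"`, while `GetSecretsAsXMLStream` strips the last character of each key chain id before comparing it with the same constant, so the terminator convention is now spelled out by hand in two places. A single named constant or helper for the terminated form would keep them in step; at minimum add a comment stating why the `"\0"` is appended here. `CheckIfKeyChainExists` is also called up to twice before `GetKeyChain`, and whether the store is protected against a concurrent writer between those calls is not visible. The enclosing method starts and ends outside the hunk.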